The Gastroenterological Society of Australia (GESA)
is committed to protecting the privacy of the Personal Information it
collects and receives. This policy has been developed in accordance with
the Australian Privacy Principles (APPs) contained in the Privacy Act 1988
(Cth) (Privacy Act). The APPs govern the way in which we collect, use,
disclose, store, secure and dispose of your Personal Information.

This policy outlines our ongoing obligations to you in respect of how we
manage your Personal Information and explains how GESA collects, uses,
discloses and otherwise handles Personal Information relating to
individuals, whether or not they are members of GESA. It also explains how you can
ask to access and correct the Personal Information we hold about you or
complain about any suspected privacy breach. Nothing in this policy limits
any of our other obligations at law.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at
www.oaic.gov.au

What is Personal Information and why do we collect it?

Personal Information is information or an opinion that identifies an
individual. GESA is required to collect Personal Information only by lawful
and fair means. Where possible we will collect Personal Information we
require directly from you.

your preferences and interests and any other information relevant to your membership or potential membership with GESA.

We may request from you additional information we require to provide our
services to you, or to allow the organisation you work for to provide GESA
with services. Further information may be collected with your consent in
specific instances as notified to you.

When GESA collects Personal Information GESA will, where appropriate and
where possible, explain to you why we are collecting the information and how we plan to use it
and will notify you of the purposes for which we are collecting the information.

Where reasonable and practicable to do so we will collect your Personal
Information only from you. However in some circumstances we may be
provided with information by third parties. In such a case we will take
reasonable steps to ensure that you are made aware of the information
provided to us by the third party.

Your Personal Information held by GESA will not be used or
disclosed by us, except as authorised by you or as is reasonably necessary
for the purposes outlined to you.

Should you choose not to provide Personal Information we may not be able to
provide you with the services you require or we may not be able to provide you with the required
services to a level that we regard as best practice.

The Personal Information we may collect is obtained in many ways including:-

from information supplied by you in conversation or communications with
you or your colleagues, employees or employer;

interviews;

correspondence;

by telephone or facsimile;

by email;

via our websites;

from your website;

from media or publications;

from other publicly available sources or

from third parties.

We collect your Personal Information for the primary purpose of providing
our services to you and to provide information to relevant third parties e.g. the
general public. We may also use your Personal Information for
secondary purposes closely related to the primary purpose, in circumstances
where you would reasonably expect such use or disclosure.

Additionally, GESA may use Personal Information to:

maintain and update details for membership and website administration purposes;

administer the GESA website;

manage the usage of website resources;

enable your access to and use of the website services;

publish information about you on the website;

send products to you that you have requested or purchased using the website;

supply services or information that you have requested or purchased using the website;

send receipts or invoices;

collect payments;

conduct activities for quality and research purposes or

send marketing communications (you may unsubscribe from our mailing/marketing lists at any time by contacting us in writing).

Patient Identification Information

If you provide any patient information to us it is your responsibility to ensure that all patient privacy obligations are met and that any necessary patient consent has been obtained first. Only
anonymous patient information should be provided to GESA. If any patient identification information is included in the data you provide to us it is your responsibility to ensure that you address
this issue with your patient and that their consent has been obtained. You may also need to check that the privacy requirements of your practice or institution do not conflict with or limit this
requirement.

While all patient information provided to GESA should be anonymous
GESA strives to manage all patient information it holds in a manner fully consistent
with the accepted standard for storage of medical records in Australia.

CCRTGE and Colonoscopy Recertification Programs

The CCRTGE and Colonoscopy Recertification programs collect information on
patient procedures and practitioners. All data collected is treated
according to the principles in this policy and used only for the stated
purposes of the programs. Participation in these programs is
taken as consent by all participants, both practitioners and patients, to
the terms of this privacy policy.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information
or opinion about such things as an individual's racial or ethnic origin,
political opinions, membership of a political association, religious or
philosophical beliefs, membership of a trade union or other professional
body, criminal record or health information.

Sensitive information will be used by us only where it is reasonably
necessary for our core functions and/or activities for example:

for the primary purpose for which it was obtained;

for a secondary purpose that is directly related to the primary purpose;

with your consent;

where required or authorised by law;

to interact with other professional associations with which we have reciprocal arrangements with your consent or

to collect dietary requirements for events and conferences.

Information stored locally on your computer

We (or a third party providing services to us, such as Google) may use cookies, pixel tags, “flash cookies”, or other local
storage on your computer provided by your browser or associated software applications which may
collect and store your Personal Information.

Your internet browser may be set to enable cookies. If you prefer not to
allow the use of cookies on your computer you can adjust your internet browser settings to disable cookies.
Disabling cookies may limit the functionality of websites that you visit.

Your use of our websites is taken to mean that you consent to and acknowledge that we collect your Personal Information
through cookies or any other local storage used by GESA or third party services such as Google Analytics.

The GESA website may also include links to third party websites. GESA is
not responsible for the privacy policies and practices or use of cookies of
any third party website.

GESA websites are hosted by an online service provider which may change
from time to time. Our service providers’ use of cookies is not covered by
our Privacy Policy.

Collecting Information about your use of this website

When a person visits a GESA website a record of their visit may be logged
and the following information recorded for statistical, quality or
maintenance purposes:-

the date and time of the visit;

the address of the pages accessed and the documents downloaded and

the type and operating system of the device used to access the site.

Many of the GESA websites have Google Analytics enabled. Google Analytics
provides general information about the use of our websites including how often web pages are visited and what, if
any, links are clicked or files downloaded.

None of the above data is linked to any individual user, even where a login is required.

Disclosure of Personal Information

Your Personal Information may be used by us or our associates and disclosed
in a number of circumstances, including the following:

where you consent to the use by or disclosure to third parties;

where required or authorised by law;

to provide products and services to you;

to collect payments and to administer your account;

to provide you with updated or new information about our offerings and services;

for the development of existing and new offerings and services;

to maintain and update our business infrastructure and systems and

to promote our other offerings and services to you.

In providing our offerings and services, or collecting and using your
Personal Information, your Personal Information may be disclosed to third
party organisations including:

information technology service providers;

conference organisers;

printers and distributors of direct marketing material;

our legal, accounting, financial or other professional advisors;

regulatory, government and other authorities as required by law;

international bodies with which we have mutual recognition agreements;

members of GESA committees such as advisory committees;

our partners and sponsors to enable them to provide information about their products and services;

marketing and communications agencies or

mailing houses, freight and courier services.

Where GESA discloses Personal Information to its agents or sub-contractors
for these purposes the agent or sub-contractor will be obliged to use that
Personal Information in accordance with the terms of this privacy
statement.

In such a case we will take reasonable steps to ensure that you are made
aware of the information disclosed to the third party, and.

whether any of those third parties are located overseas and, if practicable to specify, the countries in which they are located and

how to access and correct Personal Information and make privacy complaints.

In addition to the disclosures reasonably necessary for the purposes
identified above, GESA may disclose Personal Information to the extent that
it is required to do so by law, in connection with any legal proceedings or
prospective legal proceedings and in order to establish, exercise or defend
its legal rights.

Cross-border Data Transfers

Information that GESA collects may be stored and processed in and
transferred between any of the countries in which GESA operates to enable
the use of the information in accordance with this privacy policy.

In addition, any Personal Information submitted to the website with the
understanding that it will be used for publication on the website may be
published on the internet and may therefore be publicly available.

Unsolicited Personal Information is Personal Information we receive that we
have taken no active steps to collect. If the information we receive is not
required for GESA to perform one or more of our services or activities,
GESA will destroy the information as soon as practicable.

Maintaining the Quality of your Personal Information

GESA takes reasonable steps to ensure that the Personal Information we
collect, use or disclose is accurate, complete and up-to-date. However, the
accuracy of that information depends to a large extent on the information
you provide. It is an important to us that your Personal Information is up
to date. If you find that the information we have is not up to date or is
inaccurate, please advise us as soon as practicable so we can update our
records and ensure we can continue to provide quality services to you. We
recommend that you let us know if there are any errors in your Personal Information and that you keep us updated with changes to your information.

Security of Personal Information

We take reasonable steps to protect your Personal Information we hold. Your
Personal Information is stored in a manner that reasonably protects it from
misuse and loss and from unauthorised access, modification or disclosure.

When your Personal Information is no longer needed for the purpose for
which it was obtained, we will take reasonable steps to destroy your Personal Information. However, most of the
Personal Information is or will be stored in client files which will be
kept by us for a minimum of seven years.

You can also help to protect the privacy of your Personal Information by
keeping passwords secret and by ensuring that you log out of the website
when you have completed your transaction. If you become aware of any
security breach please contact GESA head office as soon as possible.

Securing Your Data

GESA will take reasonable technical and organisational precautions to
prevent the loss, misuse or alteration of Personal Information.

GESA will store all the Personal Information provided on secure servers.

Information relating to electronic transactions entered via this website
will be protected by encryption technology.

Access to your Personal Information

You may access the Personal Information we hold about you and to update
and/or correct it, subject to certain exceptions as allowed by law. If you
wish to access your Personal Information please contact us in writing. We
will assess your request and provide you with a response, usually within ten
working days.

GESA will not charge any fee for your access request, however, we may charge
an administrative fee for providing a copy of your Personal Information.

In order to protect your Personal Information we may require
identification from you before releasing the requested information.

If we refuse your request, or if we refuse to give you access in the manner
you requested, GESA’s policy is to provide you with written confirmation of
the reasons for our refusal and the available complaint process.

Members can access and update their contact details by logging in to the
member-only area of the GESA website. For any Personal Information that cannot
be accessed and corrected through the GESA website please contact us using the contact information on the 'Contact' page of this website.

Unsubscribing

You may opt out of receiving our marketing, advertising and promotional
notices, offers and communications by emailing us at the email address
listed on the 'Contact' page of this website, or by following the ‘unsubscribe’ link in our
email communication campaigns.

Policy Updates and Variations

This policy may be changed (varied or updated) from time to time in
accordance with any legislative changes, changes to our practices or
changes to the way we collect, use and disclose any Personal Information.

Privacy Policy Complaints and Enquiries

If you have any queries or complaints about our Privacy Policy or about how
GESA has collected, stored or used your Personal Information please contact
us using the contact information on the 'Contact' page of this website.

We will endeavour to deal with your complaint and take any steps
necessary to resolve the matter promptly, but usually within ten business
days.

If your complaint is unable to be resolved within ten business days GESA
will advise you in writing to let you know when we expect to
provide our response.